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(54) Data Encryption 



(57) A method of encrypting digital data to be transmitted comprises transforming each bit of data into a 
corresponding bit in dependence on an encryption key. In the form of a further bit sequence. A logical 
exclusive OR function is employed, both to encrypt the data and subsequently for decryption. 

This finds particular application in the transmission of MPEG audio anoYor video data which may be 
subject to copyright protection. 
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DATA ENCRVPTTOfJ 



The present invention relates to encryption and/or 
decryption of transmitted data and in particular to 
transmitted audio and/or video data. 
10 Whenever audio/video data is transmitted from a 

transmitting station to a receiving station, there is the 
risk that third parties may also receive the data, and, in 
the case of data subject to copyright protection, they can 
prevent copyright owners receiving appropriate remuneration. 
15 In the case of such transmission occurring on the Internet, 
large numbers of people could receive, and therefore benefit 
from, such data transmission without paying appropriate 
royalties. To overcome this problem, it has been proposed 
to encrypt certain parts of the transmitted data with the 
20 aim of enabling reception only by authorised receivers, who 
are provided with means for decrypting the data. 

A preferred format for audio data transmission on the 
Internet is MPEG, as described in ISO IEC 11172-1,2,3,4,5. 
This format uses a data compression technique to enable 
25 large amounts of data to be transmitted for a given 
bandwidth, such data is transmitted in data files termed 
"bitstreams" having four separate sections, namely: (l) a 
header section containing synchronization and stereo/mono 
state data; (2) an error check data section containing 
"30 information regarding error detection; (3) an audio data 
section containing the audio data which may be subject to 
copyright protection; and (4) an ancillary data section. 

It has been suggested that such data files ^ouia be 
protected against unauthorised reception and redistribution 
35 by encrypting the ancillary data section. However, it is 
feasible for a user to receive such a data file, remove the 
header and ancillary data sections and to replace them, 
thereby circumventing the encryption. 
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Conventional encryption methods are based on an 
algorithmic transformation of a group of data bits. Such 
a process is, however, time-consuming, and this is the 
reason why the audio/video data is not generally encoded 
5 It would therefore be desirable to provide a method of 

encryption and/or decryption which overcomes, or at least 
mitigates, this problem. 

in accordance with a first aspect of the present 
invention there is provided a method of encrypting data in 
10 the form of a first sequence of bits into a second sequence 
of bits, the method comprising individually transforming 
each bit of said first sequence into a corresponding bit of 
said second sequence in dependence on an encryption key. 
The method extends to a data transmission method 
15 incorporating such an encryption method. 

In accordance with a further aspect of the present 
invention there is provided data decryption apparatus 
comprising means for receiving a sequence of bits 
representing encrypted data, means for individually 
20 transforming each bit of the sequence into a corresponding 
bit of a further sequence in dependence on an encryption 
key. 

A preferred embodiment of the present invention will now 
be described with reference to the accompanying drawing 

25 which illustrates a transmission system incorporating data 
encryption and decryption of the preferred embodiment. 

A server stores identity codes UNI, UN2, UN3 ... for all 
authorised users USER 1, USER 2, USER 3 ... of the system. 
The server also stores audio and/or video data X, y which 

^0-- may-be- requested by one or more of the users, when a user, 
e.g. USER l, requests transmission of audio data X, it 
transmits to the server its unique identity code UNI, 
together with a request for audio data X. The server then 
encrypts a data file X including audio data X using the 

35 identity code UNI as the encryption key and transmits the 
encrypted data file to USER i. USER l then decrypts the 
encrypted data using the encryption key UNI to regenerate 
the original data file X including the audio data X. Whilst 



it is possible for other users to receive this data, they 
will not be able to decrypt it, because their respective 
decryption keys UN2, UN3 ... are different from UNI. 

The method of encryption is as follows. Each data bit 
5 within the data file X is logically combined as an exclusive 
OR (XOR) function with a corresponding bit from a bit 
sequence constituting the user identity code, e.g. uni. An 
exclusive OR function is a logical combination having the 
value o if both data bits A and B are the same and the value 
10 1 if they are different: 



B A XOR B 



15 0 0 



0 

0 1 1 

1 o i 
1 1 0 
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For example, if the audio data X comprises the bit sequence 
1001110 ... and the user identity code UNI comprises the bit 
sequence OOOiioi . . . , then the resulting combination would 
be 1000011 . . . 

25 when the user receives the encrypted data, a 

corresponding decryption method is used, again using an 
exclusive OR function. Such a function has the property 
that if the exclusive OR combination C, of two bits A and B 
xs itself combined with one of the two bits, e.g. a, the 

30 other bit B is generated: 



A B A XOR B=C 

35 0 0 o 



C XOR A m b 



is i l I I i 

i_i ° Si ; 
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Thus, xn the above example, when the resulting XOR 
combination is recombined with the user identity code UNI 
the original data file X is retrieved, as follows- 
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Data file X (A) 


1001 110 


User identity code UNI (B) 


0001101 ... 


XOR combination of A and B (C) 


1000011 ... 


User identity code UNI (B) 


0001101 ... 


XOR combination of B and C 
- Data file X 


1001110 ... 
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15 The user identity code is typically 32 or 64 bits long, 

and when the last bit of the code has been used the sequence 
is repeated until all the audio data has been encrypted. 

Initially, a user is , registered by supplying 
credit/debit card details to the server, and, once suitable 
bank checks have been made, the server generates a unique 
user identity code which is stored in a user's module. When 
a user requires a data transmission, the user identity code 
is read from the module and transmitted, along with the data 
request, to the server. It will be appreciated that the 
25 above-described preferred embodiment of the present 
invention provides a secure method of transmitting data from 
a server of a user thus preventing unauthorised reception of 
copyright-protected data. Various modifications of the 
preferred embodiment may be made without departing from the 
scope of the invention, which is defined by the following 
claims . 
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CLAIMS 



1. A method of encrypting data in the form of a first 
sequence of bits into a second sequence of bits the method 

5 comprising individually transforming each bit of said first 
sequence into a corresponding bit of said second sequence in 
dependence on an encryption key. 

2. A method as claimed in claim l, wherein said encryption 
10 key comprises a third sequence of bits. 

3. A method as claimed in claim 2, wherein said encryption 
key comprises 32 bits. 

15 4. A method as claimed in claim 2, wherein said encryption 
key comprises 64 bits. 

5. A method as claimed in any one of claims 2 to 4, wherein 
the individual transformation comprises logically combining 

20 each bit of said first sequence with a bit selected from 
said third sequence. 

6. A method as claimed in claim 5 r wherein the bits of said 
first and third sequences are so combined using a logical 

25 exclusive OR function. 



7. A method as claimed in claim 5 or claim 6, wherein the 
bits of said third sequence are selected sequentially from 
the first bit in the third sequence to the last bit and 
30 wherein the sequential selection is repeated until all bits 
of the first sequence have been logically combined. 
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A method as claimed in any preceding claim, wherein the 
first sequence of bits comprises audio or video data within 
35 an MPEG bitstream. 



9. A method as claimed in claim 8, wherein the first 
sequence of bits comprises a complete MPEG bitstream. 
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10. A data transmission method of transmitting data from a 
server to a user, the method comprising: 

receiving from a user a unique identity code and a 
5 request for data; 

encrypting the requested data in accordance with any 
preceding claim, wherein the encryption key is a function of 
the received identity code; and 

transmitting the encrypted data to the user. 

10 

11. A method as claimed in claim 10, wherein the encryption 
key is identical to the received identity code. 

12. Data decryption apparatus comprising means for receiving 
15 a sequence of bits representing encrypted data, means for 

individually transforming each bit of the sequence into a 
corresponding bit of a further sequence in dependence on an 
encryption key. 

20 13. Data decryption apparatus as claimed in claim 12, 
wherein the encryption key comprises a third sequence of 
bits, said transforming means comprising means for logically 
combining each bit of said received sequence with a bit 
selected from said third sequence. 

25 

14. Data decryption apparatus as claimed in claim 13, 
wherein said combining means comprises a logical exclusive 
OR gate. 

T0 15 * A method of encrypting data substantially as 
hereinbefore described with reference to and as shown in the 
accompanying drawing. 

16. A data transmission method substantially as hereinbefore 
35 described with reference to and as shown in the accompanying 
drawing. 



17. Data decryption apparatus substantially as hereinbefore 
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described with reference to and as shown in the accompanying 
drawing. * 
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